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1 . A method for dynamic ingress to egress tunnel mapping on a communication 
network, the method comprising: 

receiving a tunneled communication from a subscriber using said first communication 

network, said first communication network connected to at least one 

communication network by at least one egress tunnel; 
determining egress tunnel selection criteria for said tunneled communication, said 

egress tunnel selection criteria indicating the basis for selecting one of said at 

least one egress tunnel; 
selecting one of said at least one egress tunnel based on said egress tunnel selection 

criteria; and 

forwarding said tunneled communication on the selected egress tunnel. 

2. The method of claim 1 , further comprising initializing a tunnel database that includes 
tunnel selection criteria for at least one egress tunnel connecting said first 
communication network to said at least one communication network. 

3. The method of claim 1 wherein said tunneled communication comprises a Point-to- 
Point Protocol (PPP) session. 

4. The method of claim 3 wherein said tunnels comprise L2TP tunnels. 



29 



EL839726025US Docket No. CISCO-3287 

5. The method of claim 4 wherein said selecting further comprises: 
determining an ingress tunnel ED for said tunneled session, said ingress tunnel ID 

uniquely identifying an ingress tunnel including said PPP session; and 
5 selecting one of said one or more available egress tunnels based on said ingress tunnel 

ID. 

6. The method of claim 4 wherein said selecting further comprises: 
determining a subscriber domain for said tunneled session; and 

1 0 selecting one of said one or more available egress tunnels based on said subscriber 
domain. 

7. The method of claim 4 wherein said selecting further comprises: 
examining Type of Service (ToS) bits associated with said PPP session; and 

1 5 selecting one of said one or more available egress tunnel based on said ToS bits. 



8. The method of claim 4 wherein said selecting further comprises: 

examining a Virtual Path Identifier (VPI) / Virtual Channel Identifier (VCI) pair 
associated with said PPP session; and 
20 selecting one of said one or more available egress tunnel based on said VPI/VCI pair. 

9. The method of claim 4 wherein said selecting further comprises randomly selecting 
one of said one or more available egress tunnel connected to said remote domain. 
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10. The method of claim 4 wherein said selecting further comprises: 
determining the available bandwidth for at least one egress tunnel to said remote 

domain; and 

5 selecting one of said one or more available egress tunnel to said remote domain 

having the most available bandwidth. 

11. The method of claim 4 wherein said selecting further comprises: 
determining a time at which said PPP session is received; and 

10 selecting one of said one or more available egress tunnel based on said time. 

12. The method of claim 4 wherein said selecting further comprises: 
determining the time at which said PPP session is received; 

determining the available bandwidth for at least one egress tunnel to said remote 
1 5 domain; and 

selecting one of said one or more available egress tunnel having the most available 
bandwidth at said time. 

13. The method of claim 4 wherein said selecting further comprises: 

20 examining Type of Service (ToS) bits associated with said PPP session; 

determining the available bandwidth for at least one egress tunnel to said remote 
domain; and 

selecting one of said one or more available egress tunnel based on said ToS bits and 
said available bandwidth. 

25 
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14. The method of claim 4 wherein said selecting further comprises: 

examining a Virtual Path Identifier (VPI) / Virtual Channel Identifier (VCI) pair 

associated with said PPP session; 
5 determining a class of service based on said VPI/VCI pair; 

determining the available bandwidth for at least one egress tunnel to said remote 

domain; and 

selecting one of said one or more available egress tunnel based on said class of 
service and said available bandwidth, 

10 

15. The method of claim 4 wherein said selecting further comprises selecting one of said 
one or more available egress tunnel to said remote domain having the smallest 
number of tunneled sessions such that tunneled sessions are distributed evenly among 
egress tunnels to said remote domain. 

15 

16. A program storage device readable by a machine, embodying a program of 
instructions executable by the machine to perform a method to dynamically map 
ingress to egress tunnels on a communication network, the method comprising: 

20 receiving a tunneled communication from a subscriber using said first communication 

network, said first communication network connected to at least one 
communication network by at least one egress tunnel; 
determining egress tunnel selection criteria for said tunneled communication, said 
egress tunnel selection criteria indicating the basis for selecting one of said at 

25 least one egress tunnel; 
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selecting one of said at least one egress tunnel based on said egress tunnel selection 
criteria; and 

forwarding said tunneled communication on the selected egress tunnel. 

5 

17. The program storage device of claim 16 wherein said method further comprises 
initializing a tunnel database that includes tunnel selection criteria for at least one 
egress tunnel connecting said first communication network to said at least one 
communication network. 

10 

18. The program storage device of claim 16 wherein said tunneled communication 
comprises a Point-to-Point Protocol (PPP) session. 

19. The program storage device of claim 18 wherein said tunnels comprise L2TP tunnels. 

15 

20. The program storage device of claim 19 wherein said selecting further comprises: 
determining an ingress tunnel ID for said tunneled session, said ingress tunnel ID 

uniquely identifying an ingress tunnel including said PPP session; and 
selecting one of said one or more available egress tunnels based on said ingress tunnel 
20 ID. 

21. The program storage device of claim 19 wherein said selecting further comprises: 
determining a subscriber domain for said tunneled session; and 

selecting one of said one or more available egress tunnels based on said subscriber 
25 domain. 
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22. The program storage device of claim 19 wherein said selecting further comprises: 
examining Type of Service (ToS) bits associated with said PPP session; and 
selecting one of said one or more available egress tunnel based on said ToS bits. 

23. The program storage device of claim 19 wherein said selecting further comprises: 
examining a Virtual Path Identifier (VPI) / Virtual Channel Identifier (VCI) pair 

associated with said PPP session; and 
selecting one of said one or more available egress tunnel based on said VPI/VCI pair. 

24. The program storage device of claim 19 wherein said selecting further comprises 
randomly selecting one of said one or more available egress tunnel connected to said 
remote domain. 

25. The program storage device of claim 19 wherein said selecting further comprises: 
determining the available bandwidth for at least one egress tunnel to said remote 

domain; and 

selecting one of said one or more available egress tunnel to said remote domain 
having the most available bandwidth. 

26. The program storage device of claim 19 wherein said selecting further comprises: 
determining a time at which said PPP session is received; and 

selecting one of said one or more available egress tunnel based on said time. 

27. The program storage device of claim 19 wherein said selecting further comprises: 
determining the time at which said PPP session is received; 
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determining the available bandwidth for at least one egress tunnel to said remote 
domain; and 

selecting one of said one or more available egress tunnel having the most available 
5 bandwidth at said time. 

28. The program storage device of claim 19 wherein said selecting further comprises: 
examining Type of Service (ToS) bits associated with said PPP session; 
determining the available bandwidth for at least one egress tunnel to said remote 
10 domain; and 

selecting one of said one or more available egress tunnel based on said ToS bits and 
said available bandwidth. 



29. The program storage device of claim 19 wherein said selecting further comprises: 
1 5 examining a Virtual Path Identifier (VPI) / Virtual Channel Identifier (VCI) pair 

associated with said PPP session; 
determining a class of service based on said VPI/VCI pair; 
determining the available bandwidth for at least one egress tunnel to said remote 
domain; and 

20 selecting one of said one or more available egress tunnel based on said class of 
service and said available bandwidth. 



30. The program storage device of claim 19 wherein said selecting further comprises 
selecting one of said one or more available egress tunnel to said remote domain 
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having the smallest number of tunneled sessions such that tunneled sessions are 
distributed evenly among egress tunnels to said remote domain. 

5 3 1. An apparatus for dynamic ingress to egress tunnel mapping on a communication 
network, the apparatus comprising: 

means for receiving a tunneled communication from a subscriber using said first 
communication network, said first communication network connected to at least 
one communication network by at least one egress tunnel; 
1 0 means for determining egress tunnel selection criteria for said tunneled 

communication, said egress tunnel selection criteria indicating the basis for 
selecting one of said at least one egress tunnel; 

means for selecting one of said at least one egress tunnel based on said egress tunnel 
selection criteria; and 

1 5 means for forwarding said tunneled communication on the selected egress tunnel. 

32. The apparatus of claim 31, further comprising means for initializing a tunnel database 
that includes tunnel selection criteria for at least one egress tunnel connecting said 
first communication network to said at least one communication network. 

20 

33. The apparatus of claim 31 wherein said tunneled communication comprises a Point- 
to-Point Protocol (PPP) session. 

34. The apparatus of claim 33 wherein said tunnels comprise L2TP tunnels. 

25 
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35. The apparatus of claim 34 wherein said means for selecting further comprises: 
means for determining an ingress tunnel ID for said tunneled session, said ingress 

tunnel ID uniquely identifying an ingress tunnel including said PPP session; and 
means for selecting one of said one or more available egress tunnels based on said 
ingress tunnel ID. 

36. The apparatus of claim 34 wherein said means for selecting further comprises; 
means for determining a subscriber domain for said tunneled session; and 
means for selecting one of said one or more available egress tunnels based on said 

subscriber domain. 

37. The apparatus of claim 34 wherein said means for selecting further comprises: 
means for examining Type of Service (ToS) bits associated with said PPP session; 

and 

means for selecting one of said one or more available egress tunnel based on said ToS 
bits. 

38. The apparatus of claim 34 wherein said means for selecting further comprises: 
means for examining a Virtual Path Identifier (VPI) / Virtual Channel Identifier 

(VCI) pair associated with said PPP session; and 
means for selecting one of said one or more available egress tunnel based on said 
VPI/VCI pair. 
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39. The apparatus of claim 34 wherein said means for selecting further comprises means 
for randomly selecting one of said one or more available egress tunnel connected to 
said remote domain. 

5 

40. The apparatus of claim 34 wherein said means for selecting further comprises: 
means for determining the available bandwidth for at least one egress tunnel to said 

remote domain; and 

means for selecting one of said one or more available egress tunnel to said remote 
1 0 domain having the most available bandwidth. 

41. The apparatus of claim 34 wherein said means for selecting further comprises: 
means for determining a time at which said PPP session is received; and 
means for selecting one of said one or more available egress tunnel based on said 

1 5 time. 

42. The apparatus of claim 34 wherein said means for selecting further comprises: 
means for determining the time at which said PPP session is received; 

means for determining the available bandwidth for at least one egress tunnel to said 
20 remote domain; and 

means for selecting one of said one or more available egress tunnel having the most 
available bandwidth at said time. 

43. The apparatus of claim 34 wherein said means for selecting further comprises: 

25 means for examining Type of Service (ToS) bits associated with said PPP session; 



38 



EL839726025US Docket No. CISCO-3287 

means for determining the available bandwidth for at least one egress tunnel to said 
remote domain; and 

means for selecting one of said one or more available egress tunnel based on said ToS 
5 bits and said available bandwidth. 

44. The apparatus of claim 34 wherein said means for selecting further comprises: 
means for examining a Virtual Path Identifier (VPI) / Virtual Channel Identifier 
(VCI) pair associated with said PPP session; 
1 0 means for determining a class of service based on said VPI/VCI pair; 

means for determining the available bandwidth for at least one egress tunnel to said 
remote domain; and 

means for selecting one of said one or more available egress tunnel based on said 
class of service and said available bandwidth. 



15 



45. The apparatus of claim 34 wherein said means for selecting further comprises means 
for selecting one of said one or more available egress tunnel to said remote domain 
having the smallest number of tunneled sessions such that tunneled sessions are 
distributed evenly among egress tunnels to said remote domain. 



20 
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46. An apparatus for dynamic ingress to egress tunnel mapping on a communication 
network, the apparatus comprising: 

a receiving interface to receive a tunneled communication from a subscriber using 
5 said first communication network, said first communication network connected 

to at least one communication network by at least one egress tunnel; 
an egress tunnel selection criteria determiner to determine egress tunnel selection 

criteria for said tunneled communication, said egress tunnel selection criteria 

indicating the basis for selecting one of said at least one egress tunnel; 
10 an egress tunnel selector to select one of said at least one egress tunnel based on said 

egress tunnel selection criteria; and 
a session forwarder to forward said tunneled communication on the selected egress 

tunnel. 

15 47. The apparatus of claim 46, further comprising a tunnel database initializer to initialize 
a tunnel database that includes tunnel selection criteria for said at least one egress 
tunnel connecting said first communication network to said at least one 
communication network. 

20 48. The apparatus of claim 46 wherein said tunneled communication comprises a Point- 
to-Point Protocol (PPP) session. 

49. The apparatus of claim 48 wherein said tunnels comprise L2TP tunnels. 
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50. The apparatus of claim 49 wherein said egress tunnel selector is further configured to 
select one of said one or more available egress tunnels based on an ingress tunnel ID. 

5 51. The apparatus of claim 49 wherein said egress tunnel selector is further configured to 
select one of said one or more available egress tunnels based on a subscriber domain 
for said tunneled session. 

52. The apparatus of claim 49 wherein said egress tunnel selector is further configured to 
10 select one of said one or more available egress tunnel based on ToS bits associated 

with said PPP session. 

53. The apparatus of claim 49 wherein said egress tunnel selector is further configured to 
select one of said one or more available egress tunnel based on a Virtual Path 

1 5 Identifier (VPI) / Virtual Channel Identifier (VCI) pair associated with said PPP 

session. 

54. The apparatus of claim 49 wherein said egress tunnel selector is further configured to 
randomly select one of said one or more available egress tunnel connected to said 

20 remote domain. 

55. The apparatus of claim 49 wherein said egress tunnel selector is further configured to 
select one of said one or more available egress tunnel to said remote domain having 
the most available bandwidth. 

25 
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56. The apparatus of claim 49 wherein said egress tunnel selector is further configured to 
select one of said one or more available egress tunnel based on a time at which said 
PPP session is received. 

5 

57. The apparatus of claim 49 wherein said egress tunnel selector is further configured to 
select one of said one or more available egress tunnel having the most available 
bandwidth at a time at which said PPP session is received. 

10 58. The apparatus of claim 49 wherein said egress tunnel selector is further configured to 
select one of said one or more available egress tunnel based upon ToS bits associated 
with said PPP session and upon the available bandwidth for at least one egress tunnel 
to said remote domain. 

15 59. The apparatus of claim 49 wherein said egress tunnel selector is further configured to 
select one of said one or more available egress tunnel based on a Virtual Path 
Identifier (VPI) / Virtual Channel Identifier (VCI) pair and upon the available 
bandwidth for at least one egress tunnel to said remote domain. 



20 60. The apparatus of claim 49 wherein said egress tunnel selector is further configured to 
select one of said one or more available egress tunnel to said remote domain having 
the smallest number of tunneled sessions such that tunneled sessions are distributed 
evenly among egress tunnels to said remote domain. 
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61. The apparatus of claim 49, further comprising: 

a monitor to periodically assess the loading of said apparatus; and 
a notifier to indicate that ingress tunnels should be directed to a different apparatus 
when said loading exceeds a predetermined threshold. 
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